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earned patent term adjustment. See 37 CFR 1.704(b). 

Status 
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DETAILED ACTION 

1 . Claims 1-19 are pending in this office action. 

2. Applicant's arguments, filed June 7, 2005, have been fully considered but they 
are not persuasive. 

Claim Rejections 

3. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

Claim Rejections - 35 USC § 103 

4. Claims 1-14 and 16-18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Raith (U.S. Patent No. 5,237,612) in view of Huang et al. (U.S. 
Patent No. 6,477,543). 

Regarding claims 1. 8. 12. 16. and 18 . Raith teaches a method/machine- 
accessible medium for a first device and a second device to maintain synchronization of 
a shared, dynamic secret, the method comprising: 

• The second device sending an authentication request to the first device (col. 17, 
lines 12-18); 

• The first device, in response to the authentication request, 
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o Authenticating the second device (col. 17, lines 16-18), 
o Sending an authentication reply to the second device (col. 17, lines 18- 
20), and 

o Advancing a first copy of the secret (col. 17, lines 35-40); 

• The second device, in response to the authentication reply, 

o Advancing a second copy of the secret (col. 17, lines 35-40, the second 
device would have to advance its copy of the rolling code or else it would 
be pointless in having a rolling code); 

• The first device, 

o Sending data to the second device (col. 20, lines 9-12), 

o Again advancing the first copy of the secret (col. 1 9, lines 62-67); 

• The second device, 

o Consuming the data (col. 20, lines 9-12), and 

o Again advancing the second copy of the secret (col. 19, lines 62-67, the 
second device would have to advance its copy of the rolling code or else it 
would be pointless in having a rolling code). 



Raith does not teach the first device sending a data completion message to the 
second device. However, it can be argued that the first device sends a completion 
message because the call ends successfully. Some type of message would have to be 
sent from the first device to the second device in order for proper termination of the call. 
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Huang et al. teaches the first device sending a data completion message to the 
second device (col. 12, lines 51-55). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine sending a data completion message to the second 
device, as taught by Huang et aL with the method of Raith. It would have been obvious 
for such modifications because a termination message indicates the resources used are 
no longer needed, thus freeing up resources. 

Regarding claim 2 , the combination of Raith in view of Huang et al. teaches 
wherein the first device comprises a server and the second device comprises a web 
appliance (see fig. 1, ref. num 101/106 of Huang et al.). 

Regarding claims 3 and 9 , the combination of Raith in view of Huang et al. 
teaches further comprising: 

• The first device storing the again advanced first copy of the secret (see col. 20, 
lines 17-21 of Raith); and 

• The second device storing the again advanced second copy of the secret (see 
col. 20, lines 17-21). 
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Regarding claim 4 , the combination of Raith in view of Huang et al. teaches 
further comprising executing a recovery technique in response to the first and second 
copies of the secret becoming out of synchronization (see col. 20, lines 15-46 of Raith). 

Regarding claim 5 , Raith teaches a system for use on a network, the system 
comprising: 

• A server including, 

o A communication interface (fig. 3, ref. num 1 1 97120'), 

o A processor for performing logic operations (fig. 3, ref. num 1 34'), 

o Storage (fig. 3, ref. num 116'), 

o Stored in the storage, a first copy of a secret (fig. 3, ref. num 116' and col. 

16, lines 29-35), 
o A secret validator (col. 1 7, lines 1 5-1 8), and 

o Means for advancing the first copy of the secret (fig. 3, ref. num 1 1 97120'); 

• A web appliance including, 

o A communication interface coupling the web appliance to the server over 

the network (fig. 2, ref. num 1 19/120), 
o A processor for performing logic operations (fig. 2, ref. num 1 34), 
o First storage (fig. 2, ref. num 116), 

o Stored in the first storage of the web appliance, a second copy of the 
secret (fig. 2, ref. num 116 and col. 16, lines 29-35), 
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o Means for advancing the second copy of the secret (fig. 2, ref. num 
119/120); 

o Second storage to store an authentication protocol to generate an 
authentication request to be sent to the server (col. 17, lines 12-18); 
and 

• The server and the web appliance further including, a protocol for recovering 
synchronization of the first and second copies of the secret (col. 20, lines 15-46). 

Raith does not teach the first device is a server and the second device is a web 
appliance. 

Huang et al. teaches the first device is a server and the second device is a web 
appliance (fig. 1, ref. num 101/106). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine the use of a server and web appliance as devices, as 
taught by Huang et al. , with the system of Raith . It would have been obvious for such 
modifications because a server provides services to many clients over a network. 

Regarding claims 6 and 13 , the combination of Raith in view of Huang et al. 
teaches wherein the secret comprises a PIN (see col. 9, line 64 through col. 10, line 4 of 
Huang et al.). 
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Regarding claims 7 and 14 , the combination of Raith in view of Huang et al. 
teaches wherein the PIN comprises a number of at least 80 bits (see col. 23, lines 6 of 
Raith, 12 bits of the rolling code are used. The claim limitation calls for at least 80 bits, 
however, Raith teaches 12 bits. As technology advances, more bits can be realized in a 
system. Raith's teachings were in 1991—10 years later (which is a very long time for 
improvement in computer terms) the instant application was filed. It is within reason 
that the rolling code can consist of 80 or more bits). 

Regarding claims 10 and 17 , the combination of Raith in view of Huang et al. 
teaches further comprising the client device in response to not receiving an affirmative 
authentication reply from the server device, 

• Advancing the first copy of the secret (see col. 17, lines 25-30 of Raith), 

• Sending the advanced first copy of the secret to the server device (see col. 17, 
lines 25-30 of Raith). 

Regarding claim 1 1 , the examiner takes Official notice that advancing the first 
copy of the secret comprises twice advancing the first copy of the secret would have 
been an obvious modification. Although Raith never states how many times the rolling 
code is advanced, it is well within the general understanding in the art that the rolling 
code can be advanced once, twice, or any other arbitrary number — as long as the 
second copy is advanced as many times as the first. The number of times the code is 
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advanced can even change with each transmission, thus creating more security in the 
system. 

Claims 15 and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Raith (USP '61 2) in view of Huang et al. (USPN '543), and further in view of Schulz 
(U.S. Patent Pub. 2002/0138737 A1). 

Regarding claims 15 and 19 . the combination of Raith in view of Huang et al. 
teaches further comprising determining that the appliance is not authentic and, 
responsive to that determination, disconnecting communication to the appliance (see 
col. 19, lines 43-45 of Raith). 

The combination of Raith in view of Huang et al. does not teach logging the failed 
authentication request. 

Schulz teaches logging the failed authentication request (paragraph 0058). 

It would have been obvious to one of ordinary skill in the art, at the time the 
invention was made, to combine logging the failed authentication request, as taught by 
Schulz . with the system of Raith/Huang et al. It would have been obvious for such 
modifications because a log contains a history for an account that can be used for 
reporting. 
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Response to Arguments 

5. Applicant argues that Raith (USPN 5,237,612) does not teach the first device 
authenticates the second device in response to an authentication request send from the 
second device (page 9). 

Regarding applicant's argument, examiner disagrees with applicant. The 
network (second device) does indeed send an authentication request, as cited by the 
examiner in the previous office action. The passage cited (col. 17, lines 12-18) shows 
that the network sends a RESPBIS to the mobile station to validate the network and, 
similarly, the mobile device sends a RESP to the network to validate the mobile device. 
The network sends a RAND and RESPBIS to the mobile network and calls this an 
authentication order telling the mobile device to respond to these values and transmit 
back a RESP. This clearly shows "the second device sending an authentication request 
to the first device," as cited in the independent claims. 

Conclusion 

6. THIS ACTION IS MADE FINAL Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 



extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Brandon S. Hoffman whose telephone number is 571- 
272-3863. The examiner can normally be reached on M-F 8:30 - 5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-21 7-91 97 (toll-free). 



shortened statutory period will expire on the date the advisory action is mailed, and any 
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